diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
new file mode 100644
index 000000000000..c9cc89adc29c
--- /dev/null
+++ b/.github/workflows/build.yml
@@ -0,0 +1,293 @@
+name: Build
+'on':
+ workflow_call:
+ secrets:
+ AWS_ACCESS_KEY_ID:
+ required: true
+ AWS_SECRET_ACCESS_KEY:
+ required: true
+ AZURE_CLIENT_ID:
+ required: false
+ AZURE_CRT:
+ required: false
+ AZURE_TENANT_ID:
+ required: false
+ AZURE_SUBSCRIPTION_ID:
+ required: false
+ AZURE_VAULT_ID:
+ required: false
+ MACOS_CRT:
+ required: false
+ MACOS_ID:
+ required: false
+ MACOS_PWD:
+ required: false
+
+env:
+ RUST_VER: "1.63.0"
+ SHELL: "/bin/bash"
+
+permissions:
+ id-token: write
+ contents: read
+
+jobs:
+ build-windows:
+ name: 🪟 Build for Windows
+ runs-on: windows-latest-8-cores
+ env:
+ MOZ_NOSPAM: 1
+ JSIGN_PATH: /c/ProgramData/scoop/shims/jsign-4.0.jar
+ steps:
+ - name: Checkout branch
+ uses: actions/checkout@v3
+
+ - name: Set build directory
+ run: |
+ $pattern = '[\\]'
+ $BUILD_DIR = $env:GITHUB_WORKSPACE -replace $pattern, '/'
+ echo "G_WORKSPACE=${BUILD_DIR}" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
+
+ - name: Install depends
+ run: |
+ iwr -useb get.scoop.sh -outfile 'install.ps1'
+ .\install.ps1 -RunAsAdmin
+ scoop install wget sccache llvm nasm --global
+ mkdir -p ~\\scoop\\buckets\\my-bucket
+ Copy-Item -Path $env:GITHUB_WORKSPACE\\build\\github-actions\\mozilla-build.json -Destination ~\scoop\buckets\my-bucket
+ scoop install my-bucket/mozilla-build --global
+ rustup default $env:RUST_VER-pc-windows-msvc
+
+ - name: Set system PATH variable
+ shell: bash
+ run: sed -i 's/SET PATH=.*/&;C:\\Rust\\.cargo\\bin;C:\\ProgramData\\scoop\\shims;C:\\ProgramData\\scoop\\apps\\llvm\\current\\bin/g' /c/ProgramData/scoop/apps/mozilla-build/current/start-shell.bat
+
+ - name: Cache for Windows
+ uses: actions/cache@v3
+ with:
+ path: |
+ ~/AppData/Local/Mozilla/sccache/cache
+ key: ${{ runner.os }}-${{ hashFiles('**/browser/config/version_display.txt') }}
+
+ - name: Build
+ run: |
+ C:\\ProgramData\\scoop\\apps\\mozilla-build\\current\\start-shell.bat "$Env:G_WORKSPACE/build/github-actions/build.sh"
+
+ - name: mach build installer
+ run: |
+ C:\\ProgramData\\scoop\\apps\\mozilla-build\\current\\start-shell.bat "$Env:G_WORKSPACE/build/github-actions/package.sh"
+
+ - name: Fix JAVA_HOME_8_X64 for shell
+ run: |
+ $pattern = '[\\]'
+ $JAVA_HOME = $env:JAVA_HOME_8_X64 -replace $pattern, '/'
+ echo "JAVA_HOME_8_X64_SHELL=${JAVA_HOME}" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
+
+ - name: "\U0001FAAA Azure CLI Login via OIDC"
+ uses: azure/login@v1
+ with:
+ client-id: '${{ secrets.AZURE_CLIENT_ID }}'
+ tenant-id: '${{ secrets.AZURE_TENANT_ID }}'
+ subscription-id: '${{ secrets.AZURE_SUBSCRIPTION_ID }}'
+
+ - name: Sign
+ run: |
+ cd $G_WORKSPACE
+ BROWSER_VERSION=`cat browser/config/version_display.txt`
+ /c/ProgramData/scoop/shims/wget.exe https://github.com/ebourg/jsign/releases/download/4.0/jsign-4.0.jar -P /c/ProgramData/scoop/shims/
+ chmod +x /c/ProgramData/scoop/shims/
+ pushd objdir-classic/dist/install/sea/
+ 7z x waterfox-classic-$BROWSER_VERSION.en-US.win64.installer.exe
+ rm -f waterfox-classic-$BROWSER_VERSION.en-US.win64.installer.exe
+ find ./ -type f -name "*.exe" -exec $JAVA_HOME_8_X64_SHELL/bin/java.exe -jar $JSIGN_PATH --storetype AZUREKEYVAULT --keystore ${{ secrets.AZURE_VAULT_ID }} --alias ${{ secrets.AZURE_CRT }} --tsaurl "http://rfc3161timestamp.globalsign.com/advanced" --tsmode RFC3161 --alg SHA-256 --storepass "$(az account get-access-token --resource "https://vault.azure.net" --tenant ${{ secrets.AZURE_TENANT_ID }} | jq -r .accessToken)" {} \;
+ find ./ -type f -name "*.dll" -exec $JAVA_HOME_8_X64_SHELL/bin/java.exe -jar $JSIGN_PATH --storetype AZUREKEYVAULT --keystore ${{ secrets.AZURE_VAULT_ID }} --alias ${{ secrets.AZURE_CRT }} --tsaurl "http://rfc3161timestamp.globalsign.com/advanced" --tsmode RFC3161 --alg SHA-256 --storepass "$(az account get-access-token --resource "https://vault.azure.net" --tenant ${{ secrets.AZURE_TENANT_ID }} | jq -r .accessToken)" {} \;
+ 7z a -r -t7z app.7z -mx -m0=BCJ2 -m1=LZMA:d25 -m2=LZMA:d19 -m3=LZMA:d19 -mb0:1 -mb0s1:2 -mb0s2:3
+ cp $G_WORKSPACE/browser/installer/windows/app.tag .
+ cp $G_WORKSPACE/other-licenses/7zstub/firefox/7zSD.sfx .
+ cat 7zSD.sfx app.tag app.7z > "WaterfoxClassic$BROWSER_VERSION.exe"
+ $JAVA_HOME_8_X64_SHELL/bin/java.exe -jar $JSIGN_PATH --storetype AZUREKEYVAULT --keystore ${{ secrets.AZURE_VAULT_ID }} --alias ${{ secrets.AZURE_CRT }} --tsaurl "http://rfc3161timestamp.globalsign.com/advanced" --tsmode RFC3161 --alg SHA-256 --storepass "$(az account get-access-token --resource "https://vault.azure.net" --tenant ${{ secrets.AZURE_TENANT_ID }} | jq -r .accessToken)" "WaterfoxClassic$BROWSER_VERSION.exe"
+ az logout
+ rm -rf core 7zSD.sfx app.tag app.7z setup.exe
+ popd
+ shell: bash
+
+ - name: Get Previous tag
+ id: previoustag
+ uses: WyriHaximus/github-action-get-previous-tag@v1
+
+ - name: Generate update files
+ run: |
+ $pattern = '[\\]'
+ $env:BUILD_DIR = $env:GITHUB_WORKSPACE
+ $env:BUILD_DIR = $env:BUILD_DIR -replace $pattern, '/'
+ Write-Output $env:BUILD_DIR
+ $env:TAG = "${{ steps.previoustag.outputs.tag }}"
+ Write-Output $env:TAG
+ C:\\ProgramData\\scoop\\apps\\mozilla-build\\current\\start-shell.bat "$env:BUILD_DIR/build/github-actions/update.sh"
+
+ - name: Upload artifact
+ uses: actions/upload-artifact@v3
+ with:
+ name: Artifact_Classic_Windows_${{ github.run_id }}
+ path: |
+ ./objdir-*/dist/install/sea/*.exe
+ ./objdir-*/dist/update/waterfox-classic-*.en-US.*.complete.xz.mar
+ ./objdir-*/dist/update/update.xml
+
+ build-linux:
+ name: 🐧 Build for Linux
+ runs-on: ubuntu-18.04
+ container:
+ image: ghcr.io/waterfoxco/waterfox-classic_docker_img:latest
+ steps:
+ - name: Checkout branch
+ uses: actions/checkout@v3
+
+ - name: Cache for Linux
+ uses: actions/cache@v3
+ with:
+ path: ~/.ccache
+ key: ${{ runner.os }}-${{ hashFiles('**/browser/config/version_display.txt') }}
+
+ - name: Build
+ run: |
+ rustup default ${RUST_VER}-x86_64-unknown-linux-gnu
+ ./mach build
+
+ - name: Package
+ run: |
+ ./mach package
+
+ - name: Get Previous tag
+ id: previoustag
+ uses: WyriHaximus/github-action-get-previous-tag@v1
+
+ - name: Generate update files
+ run: |
+ export BUILD_DIR=$GITHUB_WORKSPACE
+ export TAG=${{ steps.previoustag.outputs.tag }}
+ chmod +x ./build/github-actions/update.sh
+ ./build/github-actions/update.sh
+
+ - name: Upload Linux artifacts
+ uses: actions/upload-artifact@v3
+ with:
+ name: Artifact_Classic_Linux_${{ github.run_id }}
+ path: |
+ ./objdir-*/dist/waterfox*.tar.bz2
+ ./objdir-*/dist/update/waterfox-classic-*.en-US.*.complete.xz.mar
+ ./objdir-*/dist/update/update.xml
+
+ build-mac:
+ name: 🍏 Build for macOS
+ runs-on: macos-11
+ steps:
+ - name: Checkout branch
+ uses: actions/checkout@v3
+
+ - name: Set up Xcode version
+ uses: maxim-lobanov/setup-xcode@v1
+ with:
+ xcode-version: "11.7"
+
+ - name: Install depends
+ run: |
+ brew update
+ brew install autoconf@2.13 ccache make nasm yasm
+ rustup default ${RUST_VER}-x86_64-apple-darwin
+
+ - name: Download SDK
+ run: |
+ wget https://github.com/phracker/MacOSX-SDKs/releases/download/11.3/MacOSX10.12.sdk.tar.xz
+ tar -xvf MacOSX10.12.sdk.tar.xz -C ../
+
+ - name: Cache for macOS
+ uses: actions/cache@v3
+ with:
+ path: |
+ ~/Library/Caches/ccache
+ key: ${{ runner.os }}-${{ hashFiles('**/browser/config/version_display.txt') }}
+
+ - name: Build
+ run: ./mach build
+
+ - name: Package
+ run: |
+ ./mach package
+
+ - name: Setup keychain
+ uses: apple-actions/import-codesign-certs@v1
+ with:
+ p12-file-base64: ${{ secrets.MACOS_CRT }}
+ p12-password: ${{ secrets.MACOS_PWD }}
+
+ - name: Get Previous tag
+ id: previoustag
+ uses: WyriHaximus/github-action-get-previous-tag@v1
+
+ - name: Sign .app
+ run: |
+ wget https://hg.mozilla.org/releases/mozilla-esr60/raw-file/tip/security/mac/hardenedruntime/codesign.bash https://hg.mozilla.org/releases/mozilla-esr60/raw-file/tip/security/mac/hardenedruntime/production.entitlements.xml
+ chmod +x ./codesign.bash
+ ./codesign.bash -a objdir-classic/dist/waterfox-classic/Waterfox\ Classic.app -i "${{ secrets.MACOS_ID }}" -e ./production.entitlements.xml
+
+ - name: Create and sign DMG
+ run: |
+ BROWSER_VERSION=`cat browser/config/version_display.txt`
+ chmod +x ./browser/branding/unofficial/create-dmg
+ ./browser/branding/unofficial/create-dmg \
+ --volname "Waterfox Classic Setup" \
+ --volicon "browser/branding/unofficial/disk.icns" \
+ --background "browser/branding/unofficial/background.png" \
+ --window-pos 200 120 \
+ --window-size 520 380 \
+ --no-internet-enable \
+ --icon-size 128 \
+ --icon "Waterfox Classic.app" 100 178 \
+ --hide-extension "Waterfox Classic.app" \
+ --hdiutil-quiet \
+ --format UDBZ \
+ --eula "browser/branding/unofficial/license.txt" \
+ --app-drop-link 400 178 \
+ "objdir-classic/dist/waterfox-classic/Waterfox Classic ${BROWSER_VERSION} Setup.dmg" \
+ "objdir-classic/dist/waterfox-classic/Waterfox Classic.app"
+ codesign -s "${{ secrets.MACOS_ID }}" -fv "objdir-classic/dist/waterfox-classic/Waterfox Classic ${BROWSER_VERSION} Setup.dmg"
+ xcrun altool --notarize-app -f "objdir-classic/dist/waterfox-classic/Waterfox Classic ${BROWSER_VERSION} Setup.dmg" --primary-bundle-id 'org.waterfoxproject.waterfoxclassic' -u ${{ secrets.MACOS_DEV_ID }} -p ${{ secrets.MACOS_DEV_PWD }}
+
+ - name: Create MAR
+ run: |
+ BROWSER_VERSION=$(grep 'DisplayVersion=' ./objdir-classic/dist/waterfox-classic/Waterfox\ Classic.app/Contents/Resources/application.ini | cut -d'=' -f2)
+ mkdir -p ./objdir-classic/dist/update
+ xml=(''
+ ''
+ ' '
+ ' '
+ ' '
+ '')
+ for line in "${xml[@]}" ; do echo $line >> ./objdir-classic/dist/update/update.xml ; done
+ chmod +x ./objdir-classic/dist/host/bin/mar
+ MAR=./objdir-classic/dist/host/bin/mar \
+ ./tools/update-packaging/make_full_update.sh \
+ ./objdir-classic/dist/update/waterfox-classic-$BROWSER_VERSION.en-US.osx64.complete.xz.mar \
+ ./objdir-classic/dist/waterfox-classic/Waterfox\ Classic.app
+ VERSION=$(grep '\' ./objdir-classic/dist/waterfox-classic/Waterfox\ Classic.app/Contents/Resources/application.ini | cut -d'=' -f2)
+ BUILDID=$(grep 'BuildID=' ./objdir-classic/dist/waterfox-classic/Waterfox\ Classic.app/Contents/Resources/application.ini | cut -d'=' -f2)
+ SHA512=$(shasum -a 512 ./objdir-classic/dist/update/waterfox-classic-$BROWSER_VERSION.en-US.osx64.complete.xz.mar | awk '{print $1}')
+ SIZE=$(ls -l ./objdir-classic/dist/update/waterfox-classic-$BROWSER_VERSION.en-US.osx64.complete.xz.mar | awk '{print $5}')
+ echo "Display Version: $BROWSER_VERSION, Version: $VERSION, Build ID: $BUILDID, File Size: $SIZE, SHA512: $SHA512"
+ sed -i '' -e "s/OPERATING_SYSTEM/$OPERATING_SYSTEM/g" ./objdir-classic/dist/update/update.xml
+ sed -i '' -e "s/BROWSER_VERSION/$BROWSER_VERSION/g" ./objdir-classic/dist/update/update.xml
+ sed -i '' -e "s/VERSION/$VERSION/g" ./objdir-classic/dist/update/update.xml
+ sed -i '' -e "s/BUILDID/$BUILDID/g" ./objdir-classic/dist/update/update.xml
+ sed -i '' -e "s/SIZE/$SIZE/g" ./objdir-classic/dist/update/update.xml
+ sed -i '' -e "s/HASH/"$SHA512"/g" ./objdir-classic/dist/update/update.xml
+ sed -i '' -e "s/TAG/${{ steps.previoustag.outputs.tag }}/g" ./objdir-classic/dist/update/update.xml
+
+ - name: Upload macOS DMG
+ uses: actions/upload-artifact@v3
+ with:
+ name: Artifact_Classic_macOS_${{ github.run_id }}
+ path: |
+ ./objdir-*/dist/waterfox-classic/*.dmg
+ ./objdir-*/dist/update/*.mar
+ ./objdir-*/dist/update/update.xml
diff --git a/.github/workflows/classic-release.yml b/.github/workflows/classic-release.yml
index 2e805d139091..487d4ce60a28 100644
--- a/.github/workflows/classic-release.yml
+++ b/.github/workflows/classic-release.yml
@@ -1,8 +1,7 @@
name: Build Classic for Release
on:
- release:
- types: [published]
+ workflow_dispatch:
env:
ENABLE_ARTIFACTS_MODE: "true"
diff --git a/.github/workflows/release-pipeline.yml b/.github/workflows/release-pipeline.yml
new file mode 100644
index 000000000000..d35591ab6f9e
--- /dev/null
+++ b/.github/workflows/release-pipeline.yml
@@ -0,0 +1,27 @@
+name: Release Pipeline
+on:
+ release:
+ types: [published]
+jobs:
+ build:
+ name: Build
+ uses: ./.github/workflows/build.yml
+ secrets:
+ AWS_ACCESS_KEY_ID: '${{ secrets.AWS_ACCESS_KEY_ID }}'
+ AWS_SECRET_ACCESS_KEY: '${{ secrets.AWS_ACCESS_KEY_SECRET }}'
+ AZURE_CLIENT_ID: '${{ secrets.AZURE_CLIENT_ID }}'
+ AZURE_CRT: '${{ secrets.AZURE_CRT }}'
+ AZURE_SUBSCRIPTION_ID: '${{ secrets.AZURE_SUBSCRIPTION_ID }}'
+ AZURE_TENANT_ID: '${{ secrets.AZURE_TENANT_ID }}'
+ AZURE_VAULT_ID: '${{ secrets.AZURE_VAULT_ID }}'
+ MACOS_ID: '${{ secrets.MACOS_ID }}'
+ MACOS_PWD: '${{ secrets.MACOS_PWD }}'
+ MACOS_CRT: '${{ secrets.MACOS_CRT }}'
+
+ release:
+ name: Release
+ uses: ./.github/workflows/release.yml
+ needs: build
+ secrets:
+ AWS_ACCESS_KEY_ID: '${{ secrets.AWS_ACCESS_KEY_ID }}'
+ AWS_SECRET_ACCESS_KEY: '${{ secrets.AWS_ACCESS_KEY_SECRET }}'
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
new file mode 100644
index 000000000000..d236e58a2bdc
--- /dev/null
+++ b/.github/workflows/release.yml
@@ -0,0 +1,201 @@
+name: Release
+'on':
+ workflow_call:
+ secrets:
+ AWS_ACCESS_KEY_ID:
+ required: true
+ AWS_SECRET_ACCESS_KEY:
+ required: true
+
+env:
+ SHELL: "/bin/bash"
+
+jobs:
+ checksum:
+ runs-on: ubuntu-latest-8-cores
+ steps:
+ - name: Checkout branch
+ uses: actions/checkout@v3
+
+ - name: Download all artifacts
+ uses: actions/download-artifact@v3
+ with:
+ path: ./objdir-*/dist
+
+ - name: Generate checksum file
+ run: |
+ mkdir ./dist
+ mv ./objdir-*/dist/Artifact_Classic_*_${{ github.run_id }}/objdir-*/dist/waterfox*.tar.bz2 ./dist/
+ mv ./objdir-*/dist/Artifact_Classic_*_${{ github.run_id }}/objdir-*/dist/waterfox-classic/Waterfox*.dmg ./dist/
+ mv ./objdir-*/dist/Artifact_Classic_*_${{ github.run_id }}/objdir-*/dist/install/sea/*.exe ./dist/
+ cd ./dist/
+ checksumFile=$(basename waterfox*.tar.bz2 | sed 's/.tar.bz2//g' | sed 's/.linux-x86_64//g' | sed 's/.en-US//g'| sed 's/$/.sha256/g')
+ sha256sum waterfox*.tar.bz2 | tee -a "$checksumFile"
+ sha256sum Waterfox*.dmg | tee -a "$checksumFile"
+ sha256sum Waterfox*.exe | tee -a "$checksumFile"
+
+ - name: Get Previous tag
+ id: previoustag
+ uses: WyriHaximus/github-action-get-previous-tag@v1
+
+ - name: Upload SHASUM
+ uses: ncipollo/release-action@v1
+ with:
+ allowUpdates: true
+ artifacts: ./dist/waterfox*.sha256
+ tag: ${{ steps.previoustag.outputs.tag }}
+ token: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Upload artifact
+ uses: actions/upload-artifact@v3
+ with:
+ name: Artifact_Classic_Checksum_${{ github.run_id }}
+ path: ./dist/waterfox*.sha256
+
+ upload:
+ runs-on: ubuntu-latest-8-cores
+ steps:
+ - name: Checkout branch
+ uses: actions/checkout@v3
+
+ - name: Download all artifacts
+ uses: actions/download-artifact@v3
+ with:
+ path: ./objdir-*/dist
+
+ - name: Get Previous tag
+ id: previoustag
+ uses: WyriHaximus/github-action-get-previous-tag@v1
+
+ - name: 🪟 Upload Windows Installer
+ uses: ncipollo/release-action@v1
+ with:
+ allowUpdates: true
+ artifacts: ./objdir-*/dist/install/sea/*.exe
+ artifactContentType: application/vnd.microsoft.portable-executable
+ tag: ${{ steps.previoustag.outputs.tag }}
+ token: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: 🪟 Upload Windows MAR
+ uses: ncipollo/release-action@v1
+ with:
+ allowUpdates: true
+ artifacts: ./objdir-*/dist/update/waterfox-classic-*.en-US.*.complete.xz.mar
+ tag: ${{ steps.previoustag.outputs.tag }}
+ token: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: 🐧 Upload Linux Installer
+ uses: ncipollo/release-action@v1
+ with:
+ allowUpdates: true
+ artifacts: ./objdir-*/dist/waterfox*.tar.bz2
+ artifactContentType: application/zip
+ tag: ${{ steps.previoustag.outputs.tag }}
+ token: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: 🐧 Upload Linux MAR
+ uses: ncipollo/release-action@v1
+ with:
+ allowUpdates: true
+ artifacts: ./objdir-*/dist/update/waterfox-classic-*.en-US.*.complete.xz.mar
+ tag: ${{ steps.previoustag.outputs.tag }}
+ token: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: 🍎 Upload macOS Artifacts
+ uses: ncipollo/release-action@v1
+ with:
+ allowUpdates: true
+ artifacts: ./objdir-*/dist/waterfox-classic/*.dmg,./objdir-*/dist/update/*.mar
+ tag: ${{ steps.previoustag.outputs.tag }}
+ token: ${{ secrets.GITHUB_TOKEN }}
+
+ aus-upload-dryrun:
+ runs-on: ubuntu-latest-8-cores
+ env:
+ AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ AWS_EC2_METADATA_DISABLED: true
+ AWS_REGION: us-west-2
+ AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ steps:
+ - name: Checkout branch
+ uses: actions/checkout@v3
+
+ - name: Download all artifacts
+ uses: actions/download-artifact@v3
+ with:
+ path: ./objdir-*/dist
+
+ - name: Get Previous tag
+ id: previoustag
+ uses: WyriHaximus/github-action-get-previous-tag@v1
+
+ - name: Dry run AUS
+ run: |
+ mkdir win64
+ mkdir linux64
+ mkdir osx64
+ mv ./objdir-*/dist/Artifact_Classic_Linux_${{ github.run_id }}/objdir-*/dist/update/update.xml ./linux64/
+ mv ./objdir-*/dist/Artifact_Classic_macOS_${{ github.run_id }}/objdir-*/dist/update/update.xml ./osx64/
+ mv ./objdir-*/dist/Artifact_Classic_Windows_${{ github.run_id }}/objdir-*/dist/update/update.xml ./win64/
+ os=(win64 linux64 osx64)
+ for o_sys in ${os[@]}
+ do
+ update_loc=$o_sys/update.xml
+ dir=${o_sys/64/-classic}
+ aws s3 cp --content-type="text/xml" --metadata-directive="REPLACE" $update_loc \
+ s3://aus.waterfox.net/update/old/test/$dir/update.xml
+ for j in $(aws s3 ls s3://aus.waterfox.net/update/old/$o_sys/ | awk '{OFS=" "};{if ($1=="PRE") print $2}')
+ do
+ ver=$(echo $j | sed 's/\///g')
+ if [[ $j == 'old/' ]]
+ then
+ continue
+ elif [[ $j != '/' ]]
+ then
+ aws s3 cp --dryrun --content-type="text/xml" --metadata-directive="REPLACE" $update_loc \
+ s3://aus.waterfox.net/update/old/$o_sys/$ver/en-US/release/update.xml
+ fi
+ done
+ done
+
+ touch blank.xml
+ echo '' > blank.xml
+ tag=${{ steps.previoustag.outputs.tag }}
+ version=${tag/-classic/}
+ os=(linux64 osx64 win64)
+ for i in ${os[@]}
+ do
+ aws s3 cp --content-type="text/xml" --metadata-directive="REPLACE" blank.xml \
+ s3://aus.waterfox.net/update/old/$i/$version/en-US/release/update.xml
+ done
+
+ aus-upload-release:
+ runs-on: ubuntu-latest-8-cores
+ needs: [aus-upload-dryrun]
+ environment: hard-release
+ env:
+ AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ AWS_EC2_METADATA_DISABLED: true
+ AWS_REGION: us-west-2
+ AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ steps:
+ - name: Upload to AUS
+ run: |
+ os=(win64 linux64 osx64)
+ for o_sys in ${os[@]}
+ do
+ dir=${o_sys/64/-classic}
+ update_loc=s3://aus.waterfox.net/update/old/test/$dir/update.xml
+ for j in $(aws s3 ls s3://aus.waterfox.net/update/old/$o_sys/ | awk '{OFS=" "};{if ($1=="PRE") print $2}')
+ do
+ ver=$(echo $j | sed 's/\///g')
+ if [[ $j == 'old/' ]]
+ then
+ continue
+ elif [[ $j != '/' ]]
+ then
+ aws s3 cp --content-type="text/xml" --metadata-directive="REPLACE" $update_loc \
+ s3://aus.waterfox.net/update/old/$o_sys/$ver/en-US/release/update.xml
+ fi
+ done
+ done